Open the web.xml deployment descriptor for
the Web application and record the content of any
<url-pattern> and
<http-method> elements, as well as any
<role-name> subelements of the
<auth-constraint> element.